IN THE CLAIMS 
Please amend the claims as follows: 

1. (original) A method of establishing a secure authenticated 
channel between two devices device A and device. B, where A 
authenticates to B using challenge/response public key- 
cryptography, and device B authenticates to device A using a zero- 
knowledge protocol . 

2. (original) The method of claim 1, in which the zero -knowledge 
protocol is a Guillou-Quisquater zero-knowledge protocol. 

3. (original) The method of claim 1, in which the zero- knowledge 
protocol is a Fiat-Shamir zero-knowledge protocol. 

4. (original) The method of claim 1, in which the zero- knowledge 
protocol is a Schnorr zero -knowledge protocol . 

5. (original) The method of claim 1, in which device B 
authenticates to device A using a combination of the zero-knowledge 
protocol and a broadcast -encryption system, where a secret used in 
the zero -knowledge protocol is scrambled such that it can only be 
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obtained by those that can process a broadcast encryption key-block 
successfully . 

6. (original) The method of claim 5, where the secret used in the 
zero -knowledge protocol is encrypted by the root-key K root of a 
broadcast encryption system key-block. 

7. (original) The method of claim 5, where there is one key block 
with a root key K roottl to allow for authentication, and another key 
block with root key K roo t,2 for content encryption. 

8. (currently amended) The method of claim 1 or 5 , where the 
zero -knowledge pair {J,s} is different for every key-block. 

9. (currently amended) The method of claim 1 or 5 , in which 
device B generates a bas key and sends the bas key to device A. 

10. (currently amended) The method of claim 9 ao dependent from 
in which device A only accepts the bas key if device A can 

verify that device B can descramble the secret. 

11. (original) A system comprising a first device A and a second 
device B, where the device A is arranged to authenticate to the 
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device B using challenge/ response public key cryptography, and the 
device B is arranged to authenticate to the device A using a zero- 
knowledge protocol . 

12. (original) A first device A arranged to authenticate itself 
to a second device B using challenge/response public key 
cryptography, and arranged to authenticate the second device B 
using a zero -knowledge protocol. 

13. (original) A second device B arranged to authenticate itself 
to a first device A using a zero-knowledge protocol, and arranged 
to authenticate the first device A using challenge/response public 
key cryptography. 

14. (currently amended) A computer program product comprising" 
code enabling a programmable device to operate as the first device 
of claim 12 and/or the oocond device of claim 13 . 
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